Electronic signatures (e-signatures) can take many forms, including typed names, checkboxes clicked to agree, and handwritten signatures made on tablets. Digital signatures are a type of e-signature that provide security features like signer authentication, data integrity, and non-repudiation. Certificate-based digital signatures use digital certificates from a certificate authority to authenticate the signer, while self-signed certificates are less secure but suitable for internal use. Services like Adobe Sign automate the e-signature process and can reduce approval cycles and administrative costs. E-signatures allow documents to be legally signed without paper and provide benefits over traditional wet signatures.
2. 4Point.com
There are two kinds of signatures today:
• Electronic Signatures
This is any signature that is in electronic form, i.e. as opposed to
paper-based ink signatures. An e-sign is any “mark” made by the
person to confirm their approval of the document or transaction.
• Digital Signatures
These are actually a subset of electronic signatures
because they are also in electronic form. However digital
signatures go much further in terms of providing security
and trust services.
What is a e-Signature?
3. 4Point.com
Differences between Electronic and Digital Signatures
Electronic Signature
• Examples of electronic signatures include: a scanned image of the person ink signature,
a mouse squiggle on a screen or a hand-signature created on a tablet using your finger
or stylus, a signature at the bottom of your email, a typed name, a biometric hand-
signature signed on a specialist signing hardware device, a video signature, a voice
signature, a click in an “I Agree” checkbox, etc. The list is actually endless.
4. 4Point.com
Differences between Electronic and Digital Signatures
Digital Signature
• Signer authentication:
i.e. proof of who actually signed the document. i.e. digital signatures linking the user’s
signature to an actual identifiable entity.
• Data integrity:
i.e. proof that the document has not been changed since signing. The digital signature
depends on every binary bit of the document and therefore can’t be re-attached to any other
document.
• Non-repudiation:
i.e. the signer should not be able to falsely deny having signed their signature. That is, it
should be possible to prove in a court that the signer in fact created the signature.
5. 4Point.com
“Digital Signatures allow the reader of electronic documents to sign without
using a pen”
… "electronic signature" means information in an electronic form that a person has
created or adopted in order to sign a document and that is in, attached to or associated
with the document .
We will discuss 5 different types of signatures:
– Certificate-based Signatures
– Electronic Signature
– Signing Services (Adobe Sign)
– Signatures to Certify Documents
What is a e-Signature?
6. 4Point.com
Certificate-Based e-Signatures
What is a Certificate-Based Signature?
• A Digital Certificate – Provided by a third party Certificate Authority (CA) like
Verisign/Symantec, Entrust, GlobalSign…
• Adobe Self-Signed Signature – you create yourself with a copy of Acrobat
When would a client use one of these signatures?
• Digital Certificates from a CA:
– Highly secure transactions (usually financial)
– Digital certificate requires a password to authenticate
• Adobe Self-sign certificate
– Day to day internal PDF form processes
– Does not provide the non-repudiation as there is no
CA (you are who you say your are)
7. 4Point.com
• Digital certificates can be stored on your device
(trust store), a USB key, a Hardware Security
Module (HSM)
• These all require a password in order to apply the
signature to a document
• In a PDF document, the signature can have any
kind of appearance, but its not the appearance that
is important but the fact that the password challenge
was successful to put the appearance on the PDF
• You can configure the appearance of a signature on
your local copy of Adobe Reader/Acrobat which can
include an image
• You can tell if a document signed with a digital
certificate has been tampered with
Certificate-Based e-Signatures Cont’d
9. 4Point.com
Electronic Signature
Different types of Electronic Signatures:
• Scanned image of the person ink signature
• Mouse squiggle on a screen
• Hand-signature created on a tablet using your finger or stylus
• Signature at the bottom of your email
• Typed name
• Biometric hand-signature signed on a specialist signing hardware device
• Video signature
• Voice signature
• Click an “I Agree” checkbox
10. 4Point.com
Electronic Signature
Scribble Signature
• Actual image of the signature is captured.
• Has useful feature such as Geographic location detection, date and time
• HTML5 and Adaptive forms use scribble signatures
• Allows users to apply their pen signature on a electronic form on Mobile devices
• Becoming an accepted way of signing forms on mobile devices
11. 4Point.com
What is Adobe Sign and Value to companies
What?
• In just one click, the Adobe Sign solution automates the entire e-signature process from the
request for signature to the distribution and automatic filing of the executed document.
• With nothing to download, learn or install, there is simply no faster or secure way to get your
contracts signed, tracked and filed.
Who uses it?
• Sales, HR, Finance, IT, and Operations
Value
• Cut approval cycles by 50-500%
• Reduce post-follow administration by 50-75%
• Increase top line revenue
17. 4Point.com
Digital Signatures to Certify Documents
When and why to certify documents:
• When it’s a PDF document of record
• To prove authenticity and integrity of the documents that are published
• Sign a form on behalf of a public notary
• Validate signatures on documents before moving to a document management system
• Extend ROI on existing investments in public key infrastructure (PKI)
Digital signatures are a way of making it easier to sign forms. This allows the reader to sign the form without using a pen and can be easily sent by e-mail. This “digital signature” is a way of uniquely identifying the signer when authorizing a document.
Digital signatures are a way of making it easier to sign forms. This allows the reader to sign the form without using a pen and can be easily sent by e-mail. This “digital signature” is a way of uniquely identifying the signer when authorizing a document.
A certificate-based signature, like a conventional handwritten signature, identifies the person signing a document. Unlike a handwritten signature, a certificate-based signature is difficult to forge because it contains encrypted information that is unique to the signer. It can be easily verified and informs recipients whether the document was modified after the signer initially signed the document.
To sign a document with a certificate-based signature, you must obtain a digital ID or create a self-signed digital ID in Acrobat or Adobe Reader. The digital ID contains a private key and a certificate with a public key and more. The private key is used to create the certificate
When you apply a certificate-based signature, Acrobat uses a hashing algorithm to generate a message digest, which it encrypts using your private key. Acrobat embeds the encrypted message digest in the PDF, certificate details, signature image, and a version of the document when it was signed.e-based signature. The certificate is a credential that is automatically applied to the signed document. The signature is verified when recipients open the document.
Some Certificate Authority Companies- Verisign, Entrust, DigiSign
You can have multiple digital IDs that you use for different purposes, particularly if you sign documents in different roles or using different certification methods. Digital IDs are usually password protected. They can be stored on your computer in PKCS #12 file format. Digital IDs can also be stored on a smart card, hardware token, or in the Windows certificate store.
It enhances security on your system so that someone if someone get’s on your system, they need an special password to sign documents on your behalf.
You can have multiple digital IDs that you use for different purposes, particularly if you sign documents in different roles or using different certification methods. Digital IDs are usually password protected. They can be stored on your computer in PKCS #12 file format. Digital IDs can also be stored on a smart card, hardware token, or in the Windows certificate store.
It enhances security on your system so that someone if someone get’s on your system, they need an special password to sign documents on your behalf.
Mobile Forms are increasingly being used on touch devices, and one common requirement is to support signatures. Scribing is becoming an accepted way of signing forms on mobile devices, think about when you get a parcel delivered to you, you now sign on a signature pad, not a piece of paper.
Once a Signature Scribble field has been added to the form and rendered, clicking or tapping on the field opens a dialog box. The user can scribble a signature in the draw area designated by a dotted rectangle, using a mouse, finger or stylus.
Clicking the geolocation icon while creating the scribble causes geographic location and time information to be embedded into the field.
Mobile Forms are increasingly being used on touch devices, and one common requirement is to support signatures. Scribing is becoming an accepted way of signing forms on mobile devices, think about when you get a parcel delivered to you, you now sign on a signature pad, not a piece of paper.
Once a Signature Scribble field has been added to the form and rendered, clicking or tapping on the field opens a dialog box. The user can scribble a signature in the draw area designated by a dotted rectangle, using a mouse, finger or stylus.
Clicking the geolocation icon while creating the scribble causes geographic location and time information to be embedded into the field.
Adaptive Form component that connect to Adobe Sign
API submission of Document of records from a process to Adobe Sign.
Aside from the direct tangible benefits of investing in AEM Forms Digital Signatures, businesses can also extend the ROI on existing investments in public key infrastructure (PKI) and associated key management hardware.
You can protect the integrity of forms by allowing people to use certificates to digitally sign forms. After the form is signed, the signed portion cannot be altered without invalidating the signature. The digital signature invokes a third-party signature handler that provides the required digital signature functionality.
Verifying the signature guarantees that no one tampered with the data after it was submitted.
Ee-Sign Act : On June 30, 2000, President Bill Clinton signed the e-Sign Act into law without a pen. Instead, he used an electronic signature. An e-signature was granted the same status as a written signature under the terms of this legislation.
So, the simple answer is, yes, e-signatures are legal
According the e-Sign Act, an e-signature is defined as “an electronic sound, symbol, process attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record and be legally bound.” The key takeaway for purposes of contract enforcement is that the electronic sound, symbol, or process must be both associated with a contract or other document and adopted by the signatory, by some act, with the intent to be bound.